methodology
Consilience: The principle that evidence from different,
unrelated sources can converge on strong conclusions.
assessment
Assess technical vulnerabilities and cybersecurity risk on an enterprise scale
Specify risk-relevant processes, workflows and cultural artifacts that can lead to information compromises
Examine cybersecurity risk in context and in light of business requirements
​
Create models, frameworks and metrics that enable deeper insights into cyber security risk and implications.
Recommend security controls that align with the organizational tolerance for risk
Suggest countermeasures to state-sponsored information collection efforts in high-risk countries
CYber security Risk assessment
Board Engagement
Enterprise Level Assessment
Security Governance
Root Causes &
Systemic Risk Factors
Resilience
Macroscopic Security
Controls
Risk-Relevant Organizational Features
Technology & Business
Operations Assessment
External View
Internal View
Attack Surface Discovery
Third party Dependencies
Vulnerability
Scan
Independent
Ratings
Recon Tools
Functional Discovery:
Interviews on Business Processes, Cyber and Physical Security Technologies, Information Assets
CIS Controls
Gap Analysis
Basic Hygiene
Foundational
Advanced
ANALYSIS: RISK-RELEVANT OBSERVATIONS, CORRELATIONS, VULNERABILITIES & RECOMMENDATIONS ON REMEDIATION.